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DETAILED ACTION 
Priority 

1 . Applicants claim for benefit of domestic priority under 35 U.S.C. 1 19(e) is 
acknowledged. 

The application is filed on 9/21/2004 but has a U.S. provisional application 
number 60/481,407 filed on 9/22/2003. 

Specification 

2. The disclosure is objected to because it contains an embedded hyperlink and/or 
other form of browser-executable code (SPEC: Page 3 Para [001 1]). Applicant is 
required to delete / re-write the embedded hyperlink and/or other form of browser- 
executable code. See MPEP § 608.01. 

Claim Objections 

3. Claim 1 is objected to because of the following infonnalities: "the method" should 
be replaced with "the computer program". Appropriate correction(s) is (are) required. 

4. Claims 1,11 and 20 are objected to because of the following informalities: "the 
name of the owner" should be replaced with "a name of a owner". Appropriate 
correction(s) is (are) required. 
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5. Claims 5 and 14 are objected to because of the following infonnalities: "that 
listens listens" may be replaced with "listens" (to avoid unnecessary confusion). 

6. Claims 5, 14 and 22 are objected to because of: "non routable" should be 
replaced with "non-routable". Appropriate correction(s) is (are) required. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

7. Claim 1 is rejected under 35 U.S.C. 101 because this claim is directed to "A 
computer program", which is merely an example of functional descriptive material, (i.e. 
software, per se), and is nonstatutory under 35 USC 101. By not limiting the computer 
program product to being stored on a computer readable storage medium, there is a 
lack of the required functional and structural interrelationship between the software and 
the computer storage medium that permits the functionality of the software to be 
realized upon access by a processor. This ability is what underlies the ability to provide 
a practical application. Warmerdam, 33 F.3d at 1361, 31 USPQ2d at 1760. In re 
Sarkar, 588 F.2d 1330, 1333, 200 USPQ 132, 137 (CCPA 1978). See MPEP § 2106 
(IV. B). 1(a). All dependent claims are rejected to as having the same deficiencies as 
the claims they depend from. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

A person shall be entitled to a patent unless - 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

8. Claims 1, 3, 4. 6-9, 11 - 13, 15- 18, 20, 21 and 23-25 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Le Berre (Patent Number: EP 0940960 A1) in 
view of Schneider (U.S. Patent 6,760,746). 

« 

As per claim 1 , Le Berre teaches a computer program for assisting a user to 
determine whether a hyperlink to a target uniform resource locator (URL) is 
spoofed (Le Berre: Abstract, the last sentence and Column 5 Line 56 - 58), the method 
comprising: 

a code segment that listens with a computerized system for an activation of 
the hyperlink (Le Berre: Column 7 Line 28 - 27 and Column 5 Line 56 - 58: an 
activation of the URL link); 

a code segment that extracts an originator identifier and encrypted data 
from the hyperlink (Le Berre: Figure 5 and Column 6 Line 31 - 55. Column 10 Line 31 
- 32, Column 12 Line 56 - Column 13 Line 1 - 5 and Column 3 Line 42-45: (a) the 
originating server ID is qualified as an originator identifier and (b) a data element is 
encrypted at the originate server A by using its private key and (c) the receiving server 
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B decrypts the data and checks the received signature from within the qualified set of 
servers); 

a code segment that decrypts said encrypted data into decrypted data 
based on said originator identifier (Le Berre: Figure 5 and Column 6 Line 31 - 55, 
Column 12 Line 51 - 52 and Column 12 Line 56 - Column 13 Line 1-5: (a) a data 
element is encrypted at the originate server A by using its private key (b) the receiving 
server B knows the con^esponding public key of the originate server A and (c) the 
receiving server B decrypts the data and checks the received signature); 

a code segment that redirects (Le Berre: Column 2 Line 30 - 34 and Column 6 
Line 5-11; HTTP re-direction from server A to server B); and 

a code segment that determines whether the hyperlink includes said 
originator identifier and said encrypted data decrypts successfully (Le Berre: 
Column 3 Line 42 - 45, Figure 5 and Column 6 Line 31 - 55 and Column 10 Line 31 - 
32: the receiving server B decrypts the data and checks the received signature from 
within the qualified set of servers), and then: 

runs said code segment that redirects, to redirect the user to the target 
URL (Le Berre: Figure 4 & Column 2 Line 30 - 34 and Column 6 Line 5-11); 

Le Berre does not disclose expressly a code segment that presents information 
on a display unit; runs said code segment that presents, to present a confirmation of 
authentication to the user conveying the name of the owner and the domain name of the 
target URL, and othen/vise, runs said code segment that presents, to present a warning 
dialog to the user. 
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Schneider in view of Le Berre teaches a code segment that presents 
information on a display unit (Schneider: Column 29 Line 9-13); runs said code 
segment that presents, to present a confirmation of authentication to the user (Le 
Berre: Column 8 Line 48-51) conveying the name of the owner and the domain 
name of the target URL (Schneider: Column 29 Line 9-13: (a) displaying the URL 
information with the chosen target domain name being used as a re-direct URL and (b) 
the OriginateServerlD as shown on the URL (Le Berre: Figure 5) that holds the private / 
public key is qualified as the name of the owner), and otherwise, runs said code 
segment that presents, to present a warning dialog to the user (Schneider: Column 
12 Line 50 - 52 and Column 21 Line 52 - 53: an error message upon the detection of 
an invalid URL (or not accessible) or with invalid domain name is displayed). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Schneider within the system of Le Berre 
because (a) Le Berre teaches using a signed URI (Universal Resource Identifier) link to 
access a resource from the internet and to re-direct the client request from server A to 
another server B under the same network domain after authentication (Le Berre: Figure 
4 & Column 2 Line 30 - 34 / Line 44 - 45 and Column 6 Line 5 - 1 1), and (b) Schneider 
discloses an enhanced presentation for clarity purpose by displaying the URL 
information with the chosen target domain name being used as a re-direct URL and also 
display an error message upon the detection of an invalid URL (or not accessible) or 
with invalid domain name (Schneider: Column 29 Line 9-13, Column 5 Line 56 - 58 
and Column 3 Line 42 - 45). 
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As per claim 1 1 and 20, Le Berre teaches a system for assisting a user to 
determine whether a hyperlink to a target uniform resource locator (URL) is spoofed (Le 
Berre: Abstract, the last sentence and Column 5 Line 56 ^ 58), the system comprising: 

a logic in said computerized system that listens for activation of the hyperlink (Le 
Berre: Column 7 Line 28 - 27 and Column 5 Line 56 - 58: an activation of the URL link); 

a logic that extracts an originator identifier and encrypted data from the hyperlink 
(Le Berre: Figure 5 and Column 6 Line 31 - 55, Column 10 Line 31 - 32, Column 12 
Line 56 - Column 13 Line 1-5 and Column 3 Line 42 - 45: (a) the originating server ID 
is qualified as an originator identifier and (b) a data element Is encrypted at the originate 
server A by using its private key and (c) the receiving server B decrypts the data and 
checks the received signature from within the qualified set of servers); 

a logic that decrypts said encrypted data into decrypted data based on said 
originator identifier ((Le Berre: Figure 5 and Column 6 Line 31 - 55, Column 12 Line 51 
- 52 and Column 12 Line 56 - Column 13 Line 1-5: (a) a data element is encrypted at 
the originate server A by using its private key (b) the receiving server B knows the 
corresponding public key of the originate server A and (c) the receiving server B 
decrypts the data and checks the received signature); 

a code segment that redirects ((Le Berre: Column 2 Line 30 - 34 and Column 6 
Line 5-11; HTTP re-direction from server A to server B); 

a logic that determines whether the hyperlink includes said originator identifier 
and that said encrypted data decrypts successfully (Le Berre: Column 3 Line 42 - 45, 
Figure 5 and Column 6 Line 31 - 55 and Column 10 Line 31 - 32: the receiving server 
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B decrypts the data and checks the received signature from within the qualified set of 
servers); 

a logic responsive to said logic that determines, that redirects the user to the 
target URL (Le Berre: Figure 4 & Column 2 Line 30 - 34 and Column 6 Line 5-11); 
and 

Le Berre does not disclose expressly a computerized system having a display 
unit; a logic responsive to said logic that determines, that presents on said display unit a 
confirmation of authentication conveying the name of the owner and the domain name 
of the target URL; and a logic responsive to said logic that determines, that presents on 
said display unit a warning dialog to the user. 

Schneider in view of Le Berre teaches a computerized system having a display 
unit (Schneider: Column 29 Line 9 - 13); a logic responsive to said logic that 
determines, that presents on said display unit a confirmation of authentication (Le Berre: 
Column 8 Line 48-51) conveying the name of the owner and the domain name of the 
target URL (Schneider: Column 29 Line 9-13: (a) displaying the URL information with 
the chosen target domain name being used as a re-direct URL and (b) the 
OriginateServerlD as shown on the URL (Le Berre: Figure 5) that holds the private / 
public key is qualified as the name of the owner), and a logic responsive to said logic 
that determines, that presents on said display unit a warning dialog to the user 
(Schneider: Column 12 Line 50 - 52 and Column 21 Line 52 - 53: an error message 
upon the detection of an invalid URL (or not accessible) or with invalid domain name is 
displayed). 
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It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Schneider within the system of Le Berre 
because (a) Le Berre teaches using a signed URI (Universal Resource Identifier) link to 
access a resource from the internet and to re-direct the client request from server A to 
another server B under the same network domain after authentication (Le Berre: Figure 
4 & Column 2 Line 30 - 34 / Line 44 - 45 and Column 6 Line 5 - 1 1), and (b) Schneider 
discloses an enhanced presentation for clarity purpose by displaying the URL 
information with the chosen target domain name being used as a re-direct URL and also 
display an error message upon the detection of an invalid URL (or not accessible) or 
with invalid domain name (Schneider: Column 29 Line 9-13, Column 5 Line 56 - 58 
and Column 3 Line 42 - 45). 

As per claim 3, 12 and 21, Le Berre as modified teaches said code segment that 
listens runs as a service in said computerized system (Le Berre: Column 5 Line 24 - 27: 
running as a HTTP server to provide the authentication. services). 

As per claim 4 and 13, Le Berre as modified teaches said code segment that 
listens includes a hypertext transport protocol (HTTP) server (Le Berre: Column 5 Line 
24 - 27: running as a HTTP server to provide the authentication services). 
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As per claim 6, 15 and 23, Le Berre as modified teaches said code segment that 
decrypts includes a code segment that extracts the target URL from said decrypted data 
(Le Berre: Column 6 Line 5-18). 

As per claim 7, 16 and 24. Le Berre as modified teaches a code segment that 
extracts a digital signature from said decrypted data; and a code segment that verifies 
said digital signature against said originator identifier (Le Berre: Figure 5 and Column 6 
Line 31 - 55, Column 12 Line 51 - 52 and Column 12 Line 56 - Column 13 Line 1 - 5: 
(a) a data element is encrypted at the originate server A by using its private key (b) the 
receiving server B knows the corresponding public key of the originate server A and (c) 
the receiving server B decrypts the data and checks the extracted signature). 

As per claim 8 and 17, Le Berre as modified teaches said code segment that 
decrypts employs a public key associated with said originator identifier (Le Berre: 
Column 12 Line 56 - Column 13 Line 1 - 5 and Column 3 Line 42 - 45: (a) a data 
element is encrypted at the originate server A by using its private key (b) the receiving 
server B knows the coresponding public key of the originate server A and (c) the 
receiving server B decrypts the data and checks the received signature). 

As per claim 9, 18 and 25, Le Berre as modified teaches a code segment that 
matches said originator identifier to one of a plurality of registered originators; and a 
code segment that retrieves a decryption key associated with said originator identifier 
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for use by said code segment that decrypts (Le Berre: Column 3 Line 42 - 45 and 
Column 12 Line 56 - Column 13 Line 1 - 5: the receiving server B decrypts the data 
and checks the received signature from within the qualified set of servers - i.e. by using 
the public key from within the qualified set of a pluralitv of originate servers) . 

9. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Le Berre 
(Patent Number: EP 0940960 A1) in view of Schneider (U.S. Patent 6.760,746), and in 
view of Dunnion et al. (U.S. Patent 2002/0199119). 

As per claim 2, Le Berre as modified does not disclose expressly the computer 
program is digitally signed. 

Dunnion teaches the computer program is digitally signed (Dunnion: Para [0099]: 
the entire downloaded program can be digitally signed for security reason to ensure that 
the software downloaded is actually that provided by the supplier and has not been 
replaced or altered). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Dunnion within the system of Le Berre 
as modified because (a) Le Berre teaches using a signed URI (Universal Resource 
Identifier) link to access a resource from the internet and to authenticate the requesting 
user with a signed data signature from within the qualified set of servers (Le Berre: 
Column 5 Line 56 - 58 and Column 3 Line 42 - 45), and (b) Dunnion teaches providing 
a method of a security services system where not only the data files and email traffic 



Application/Control Number: 10/711,495 Page 12 

Art Unit: 2131 

need to be secured but also the entire downloaded program can be digitally signed for 
security reason to ensure that the software downloaded is actually that provided by the 
supplier and has not been replaced or altered (Dunnion: Para [0005] and Para [0099]). 

10. Claims 5, 14 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Le Berre (Patent Number: EP 0940960 A1) in view of Schneider (U.S. Patent 
6,760.746). and in view of Perry (U.S. Patent 2003/01 54306). 

As per claim 5. 14 and 22. Le Berre as modified does not disclose expressly said 
code segment that listens at a preset non-routable internet protocol (IP) address and at 
a preset port. 

Perry teaches said code segment that listens at a preset non-routable internet 
protocol (IP) address and at a preset port (Perry: Para [0025] Last sentence and Para 
[0024]: using a non-routable private IP address with a dynamically established port). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Perry within the system of Le Berre as 
modified because (a) Le Berre teaches using a signed URI (Universal Resource 
Identifier) link to access a resource anvwhere from the internet and to re-direct the client 
request from server A to another server B under the same network domain (Le Berre: 
Figure 4 & Column 2 Line 30 - 34 / Line 44-45 and Column 6 Line 5 - 1 1), and (b) 
Perry teaches providing a non-routable private IP address with a dynamically 
established port for inbound connections with the advantage of conserving IP address. 
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which are becoming increasingly difficult to acquire due to exhaustion of the limited IP 
address space (Perry: Para [0016] Last sentence and Para [0025] Last sentence). 

11. Claims 10, 19 and 26 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Le Berre (Patent Number: EP 0940960 A1) in view of Schneider (U.S. Patent 
6.760.746). and in view of Haitsuka et al. (U.S. Patent 6.766.369). 

As per claim 10. 19 and 26, Le Berre as modified does not disclose expressly 
said code segment that presents employs a dialog box that only software running locally 
in said computerized system can provide, thereby avoiding confusion with a remotely 
generated browser window. 

Haitsuka teaches said code segment that presents employs a dialog box that 
only software running locally in said computerized system can provide, thereby avoiding 
confusion with a remotely generated browser window (Haitsuka: Column 7 Line 35 - 37, 
Column 8 Line 44 - 47 and Column 10 Line 49 - 52: the display can have not only a 
browser window but also a client window; where the client window is generated / 
controlled by the local client application). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Haitsuka within the system of Le Berre 
as modified because (a) Le Berre teaches using a signed URI (Universal Resource 
Identifier) link to access a resource from internet by using a secured SSL (Session 
Security Layer) for the exchanges between the user and the server (Le Berre: Column 
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1 1 Line 8-10), and (b) Haitsuka teaches providing a flexible mechanism with a display 
having not only a browser window but also a client window; where the client window is 
generated / controlled by the local client application during a SSL communication 
session to indicate the connection status (including the authentication for a typical SSL 
connection) for the clarity purpose to avoid being confused with the display of browser 
window (Connery: Column 7 Line 35 - 37 and Column 10 Line 49 - 52 / Line 43 - 45). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 571-272-3788. 
The examiner can normally be reached on Monday-Friday 9:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




Longbit Chai. Ph.D. 
Patent Examiner 
Art Unit 2131 
5/18/2007 



